Twitter adds HTTPS support by default

Last year, we added the option to always use HTTPS when accessing Twitter.com on the web. This setting makes your Twitter experience more secure by protecting your information, and it’s especially helpful if you use Twitter over an unsecured Internet connection like a public wi-fi network.

Now, HTTPS will be on by default for all users, whenever you sign in to Twitter.com. If you prefer not use it, you can turn it off on your Account Settings page. HTTPS is one of the best ways to keep your account safe and it will only get better as we continue to improve HTTPS support on our web and mobile clients.

From now one, the millions of Twitter users will be protected from popular sniffing attacks, taking place over insecure networks such as the ubiquitous public Wi-Fi networks.

For years, cybercriminals have been obtaining Twitter login credentials by actively data mining their botnets for Twitter login data. Once the host is malware infected, it renders HTTPS useless as the cybercriminals is performing active man-in-the-middle attacks on the targeted hosts.

Thankfully, Twitter’s newly announced feature is a step in the right direction, so avoid turning it off.